[3299] in bugtraq
Re: Tired of /tmp? Here's a proposed solution
daemon@ATHENA.MIT.EDU (Matthew J Brown)
Wed Aug 28 15:09:58 1996
Date: Wed, 28 Aug 1996 11:21:41 +0100
Reply-To: Bugtraq List <BUGTRAQ@NETSPACE.ORG>
From: "Matthew J Brown" <mjb@sophos.com>
X-To: "Guido M. Witmond" <guido@dataweb.nl>
To: Multiple recipients of list BUGTRAQ <BUGTRAQ@NETSPACE.ORG>
In-Reply-To: <199608270848.KAA09177@this.is.my.net>
Guido M. Witmond writes:
> Well, this is a good quick hack. What about removing the CONCEPT of
> public writable filesystems like /tmp.
>
> One of the reasons for the /tmp filesystem is to provide users with some
> extra diskspace that's for temporary use and does not limit users to their
> respective quotas.
> Nowadays with ever larger and cheaper disks it is acceptable to let every
> user create a ~/tmp directory as a private scrapyard. This prevents any
> /tmp attacks and the use of the quota-system gives enough flexibility
> to enlarge or reduce the area, even more than the fixed size of /tmp.

/tmp still has many advantages, though.

Firstly, it's pretty much guaranteed to be a local filesystem, and not
on an NFS partition. This gives better performance. On some systems
it's a tmpfs partition, with the advantage of even better performance
and automatic deletion on reboot.

Secondly, it's an area that's automatically deleted every so often, so
has a different 'feel' to it than a ~/tmp.

Thirdly, it's often used to pass files to other users on the same
system.

I think what is actually needed is to have a directory /tmp/<user> for
each user on the system. This keeps advantages one and two: it's a
local disk and automatically deleted. This directory should be owned
by the user and mode 700.

Then a space ought to be set up for the temporary exchange of files
between users, called something like /common. This should also be
automatically deleted, but programs should not automatically create
temp files here.

-Matt
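
The per-user directory proposed in the message above, sketched as an added example that is not part of the original post or written by its author: a POSIX shell function that creates `<base>/<user>` with mode 700, or accepts an existing one only if it is a real directory owned by the caller with exactly that mode. The function name `private_tmpdir`, its optional base-directory argument and the fallback to the numeric uid are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (hypothetical helper, not from the original post).
# Create or validate a private per-user temp directory: <base>/<user>,
# owned by the caller, mode 700. Prints the path on success, returns 1
# if the existing name cannot be trusted.

private_tmpdir() {
    base=${1:-/tmp}                       # assumption: base dir is overridable
    user=$(id -un 2>/dev/null) || user=$(id -u)
    dir=$base/$user

    # mkdir without -p fails if the name already exists, so a file or
    # symlink planted in advance by someone else is never silently reused.
    # -m 700 sets the mode at creation, independent of the umask.
    if mkdir -m 700 "$dir" 2>/dev/null; then
        printf '%s\n' "$dir"
        return 0
    fi

    # The name already exists. "ls -ld" reports on the entry itself and
    # does not follow a symlink, so one listing gives type, mode and owner.
    set -- $(ls -ldn "$dir" 2>/dev/null)
    [ $# -ge 3 ] || return 1

    # Field 1 is the type and mode string; keep 10 characters so a
    # trailing ACL or SELinux marker ("+", ".") does not affect the match.
    mode=$(printf '%s' "$1" | cut -c1-10)
    [ "$mode" = "drwx------" ] || return 1   # must be a directory, mode 700

    # Field 3 is the numeric owner; it must be the calling user.
    [ "$3" = "$(id -u)" ] || return 1

    printf '%s\n' "$dir"
}

# Usage: TMPDIR=$(private_tmpdir) && export TMPDIR
```

Once the directory is verified as owned by the caller, the sticky bit normally set on /tmp prevents other unprivileged users from renaming or removing it.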